Skip to main content

TLS 1.0 disabled on Nginx

webtipster
Hi guys, Can't figure this one out... When running ssllabs.com SSL test I see that on one of the servers TLS 1.0 and TLS 1.1 are still enabled. When I compare the settings with another server I basically have the same, but on the 2nd server they are disabled. I just can't figure it out, perhaps I've been staring at it too long. Any ideas what am I missing here? Apache configuration SSL cipher suite: default SSL/TLS protocols: default (TLSv1.2). cPanel Web Disk Configuration TLS/SSL Cipher Suite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS TLS/SSL Protocols: SSLv23:!SSLv2:!SSLv3 cPanel Web Services: TLS/SSL Cipher List: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 TLS/SSL Protocols: SSLv23:!SSLv2:!SSLv3 Thanks in advance!

Comments

2 comments

Date Votes
  • webtipster
    DUH!!! LOL! Ok I forgot that I had nginx running on this one. Yea, starred at it too long lol. Made an edit on the common_https.conf and added the following changes: ssl_protocols TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384' In case anyone else runs into these types of issues. :-) Thanks!
    0
  • cPanelMichael
    Hello @webtipster, I'm glad to see you were able to solve the issue. Thank you for sharing the outcome.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post